Network system and network band control management method

ABSTRACT

[Problem] Provided are a network system and a network bandwidth control management method capable of preventing packets that need to preferentially flow from being discarded at a time of high load.[Solution] A network system 100 includes an external SW 20 that is provided between a virtualization platform and an external NW 20 and configured to control a bandwidth amount of packets flowing into an OVS 5, and an NW control management device 10 that is configured to modify a configuration of bandwidth control and priority control of the external SW 20 in response to addition or deletion of a service of the virtualization platform based on information acquired from compute nodes 1 to 3, a network node 6, and a controller node 7.

TECHNICAL FIELD

The present invention relates to a network system and a networkbandwidth control management method.

BACKGROUND ART

It is important for network operators to effectively utilize resourcesof the entire network to maintain transfer quality and reduce networkcosts. A network virtualization technique has been proposed as atechnique for flexibly handling sudden and irregular changes of thenetwork, which will realize diversification of services in the relatedart and the effective utilization of the network resources.

A technique for realizing virtual machines (hereinafter, referred to asvirtual machines VM), which are a plurality of virtual computers on asingle physical server, by software called a hypervisor has been known.The virtual machines VM can independently operate an operating system.The physical server on which the plurality of virtual machines VMoperates is a computer such as a workstation or a personal computer. Inan environment in which a plurality of virtual machine servers isconnected via a network, the virtual machines VM realized on the virtualmachine server can also communicate via the network.

OpenStack is a software group for constructing a cloud environmentdeveloped by an open source project. In the OpenStack, a cloudenvironment that provides resources of the lowest layer such as virtualmachines, storages, and networks can be constructed. The types of thequality of service (QoS) rules of the OpenStack includes a bandwidthlimit, a minimum bandwidth, and packet priority (DSCP: DifferentiatedServices Code Point), and the bandwidth can be limited (see Non PatentLiterature 1). The QoS is a function of guaranteeing a certain type ofnetwork requirement such as a bandwidth, a delay, a jitter, orreliability, and is used to meet a service-level agreement (SLA) betweenapplication providers and users. Network devices such as switches androuters can achieve the QoS condition agreed in the SLA by givingpriority marks to traffics.

The QoS of an open virtual switch (OVS) commonly utilized in theOpenStack supports shaping for an output (egress) and policing for aninput (ingress) (see Non Patent Literature 2).

The policing is performed on the input of the OVS, and when an upperlimit of the bandwidth is configured for each service and the bandwidthexceeds the configured value, the packet is discarded. The upper limitof the bandwidth is configured for each service, and when operationmanagement as a system is necessary, the operator needs to design thenetwork and modify the configured value in consideration of otherservices and the throughput of the OVS. However, in a virtualizationenvironment, the service is frequently added or deleted, and thus, aredesign work of the network becomes cumbersome.

When a certain service is used up to the bandwidth upper limit in astate in which the traffic of the NW is low in the entire virtualizationplatform, the service can use the bandwidth up to the configured upperlimit. It is necessary to temporarily modify the bandwidth upper limitin order to effectively utilize the NW, but it is necessary for amaintenance party to perform a manual operation.

Hereinafter, network bandwidth control in a virtualization platform ofthe related art will be described.

FIGS. 15 and 16 are diagrams for illustrating the network bandwidthcontrol in the virtualization platform of the related art.

As illustrated in FIGS. 15 and 16, a network system according to therelated art includes a virtual machine VM₁ that provides, in a physicalserver, a service A, a virtual machine VM₂ that provides a service B, avirtual machine VM₃ that provides a service C, a virtual machine VM₄,and compute nodes 1 to 3, a network node 6, and a controller node 7which are components constituting OpenStack, and an L2 switch L2SW(hereinafter, referred to as L2SW) 4.

The virtual machine VM1 to the virtual machine VM4 are connected to anexternal network NW8 via the network node 6.

The virtual servers VM1 to VM4 are virtual information processingdevices that are realized by software. The virtual servers VM1 to VM4are connected to the L2SW 4 via a virtual switch (not illustrated). TheL2SW 4 is hardware for switching communications of the virtual serversVM₁ to VM4, which include their own virtual switch, in the physicalserver. The L2SW as the hardware is required to connect the plurality ofcomputes, and this device serves as the L2SW 4.

The OpenStack utilizes nodes (physical or virtual servers) for eachrole. In FIG. 15, the OpenStack is divided into the compute nodes 1 to3, the network node 6, and the controller node 7.

The compute nodes 1 to 3 perform the construction and control of thevirtualization platform. The compute node 1 is a node on which thevirtual machine VM₁ operates, the compute node 2 is a node on which thevirtual machine VM₂ and the virtual machine VM3 operate, and the computenode 3 is a node on which the virtual machine VM₄ operates.

The network node 6 performs virtualization and management of thenetwork. The network node 6 is a server that provides network servicesfor instances such as an Internet Protocol (IP) transfer and DynamicHost Configuration Protocol (DHCP). The network node 6 providesfunctions such as virtual router and DHCP by the compute nodes 1 to 3.The network node 6 includes the OVS 5.

In the OpenStack, an upper limit of the bandwidth can be configured foreach service. When the bandwidth exceeds the upper limit of thebandwidth, the OVS 5 discards the packet by policing on input.

The controller node 7 places, among the components, a component forcontrol of all the services of the management system. The controllernode 7 is a management server that processes requests from a user orother nodes and manages the entire OpenStack. The controller node 7 canconfigure an upper limit of the bandwidth of only the network node 6.

In the example of FIG. 15, the bandwidth upper limits are configured to4 Gbps, 3 Gbps, and 2 Gbps for a service A (priority: high), a service B(priority: low), and a service C (priority: low).

For example, as indicated by reference symbol a of FIG. 15, when abandwidth of 3 Gbps is input to the service C, the packets for 2 Gbpspass by policing control, and the remaining packets for 1 Gbps arediscarded (see, reference symbol b of FIG. 15).

The policing is to discard the packet when the service exceeds the upperlimit bandwidth regardless of the traffic volume of the entire NW of thevirtualization platform. Thus, when the traffic volume of the entire NWof the virtualization platform is low and a certain service exceeds thebandwidth upper limit, there is room in the NW, but the packet may bediscarded due to the configured upper limit. That is, the packets ofwhich the bandwidth exceeds the bandwidth upper limit are discarded bythe policing in which the bandwidth upper limit is configured.

On the other hand, when each service does not exceed the bandwidth upperlimit, the input packets flow into the OVS 5 without performing thepolicing. However, when the total traffic of all services (hereinafter,referred to as “total traffic volume”) exceeds the throughput limit ofthe OVS 5, the packets are discarded without distinguishing the priorityof the packet, and thus, service interruption or delay of thevirtualization platform occurs.

For example, when the throughput of the OVS 5 illustrated in FIG. 16 isonly 8 Gbps, the input packet may amount to 9 Gbps, the sum of 4 Gbps, 3Gbps, and 2 Gbps.

Thus, the OVS 5 discards the packets for 1 Gbps in volume, but discardsthe packets for the service A with high priority similarly to theservices B and C with low priority (see, reference symbol c of FIG. 4).That is, the OVS 5 discards the packets without considering the priorityin a case where OVS throughput is smaller than the total traffic volume.

CITATION LIST Non Patent Literature

-   Non Patent Literature:    https://docs.openstack.org/ocata/ja/networking-guide/config-qos.html-   Non Patent Literature 2:    https://docs.openvswitch.org/en/latest/faq/qos/

SUMMARY OF THE INVENTION Technical Problem

In the OpenStack, a plurality of services is installed on thevirtualization platform, and is connected to the OVS 5. In the QoS ofthe OpenStack, the upper limit of the bandwidth is configured for eachservice. Thus, when each service exceeds the upper limit, the packetsare discarded, and when each service does not exceed the upper limit,the policing does not work. In particular, when a large number ofpackets are flowing from the external SW, from the perspective of theentire NW of the virtualization platform, the packets of the individualservice, for which the bandwidth does not exceed, flow into the OVS 5,increasing a processing load of the OVS 5, and creating a congestion.That is, the packet loss occurs even though each service is equal to orless than the configured upper limit of the bandwidth. The OVS 5performs policing in which the packets do not enter a queue. Thus, thepackets are discarded even if the packets that needs to be prioritizedflow form the external NW. This causes delay due to communicationinterruption or packet retransmission of the service installed on thevirtualization platform occurs. For example, even with a service withhigh priority such as phone calls, the packet may be discarded, andthus, the service may not be established.

One of countermeasures to such occurrence is a manual configurationmethod of providing external L2SW or L3SW between the virtualizationplatform such as OpenStack and the external NW and manually configuringbandwidth control in advance. However, in this manual configurationmethod, the operator needs to make a design in consideration of thebandwidths of all the services. In this manual configuration method, theoperator needs to review the design and perform reconfiguration wheneverthe service is added or deleted.

The present invention has been made in view of such a background, and anobject of the present invention is to provide a network system and anetwork bandwidth control management method capable of preventingpackets that need to preferentially flow at a high load from beingdiscarded.

Means for Solving the Problem

In order to solve the aforementioned problems, in accordance with theinvention according to claim 1, there is provided a network system, inwhich a plurality of services are installed on a virtualization platformand a component constituting OpenStack connected to an open virtualswitch (OVS) is included, the OVS being configured to discard packetswhen the packets flowing from an external NW exceed an upper limit of abandwidth configured for each service. The network system includes anexternal SW that is provided between the virtualization platform and theexternal NW, and configured to control a bandwidth of packets flowing tothe OVS, and an NW control management device configured to modify aconfiguration of bandwidth control and priority control of the externalSW in response to addition or deletion of the service of thevirtualization platform based on information acquired from thecomponent.

In accordance with the invention according to claim 3, in the networksystem according to claim 1, the NW control management device includes adata management unit configured to acquire information on a VM from acontroller node constituting the component, and to manage informationregarding NW control including an ID, an IP address, a MAC address, aVLAN, and a bandwidth of each service: an NW control unit configured tocollect information from a ceilometer provided on the virtualizationplatform, to monitor an NW bandwidth amount of the external SW, and torelease or configure a bandwidth limit corresponding to a usage amountof each VM when the upper limit of the bandwidth is not configured orwhen there is an available bandwidth; and an external SW configurationunit that is configured to generate configuration information forconfiguring a bandwidth amount to be allocated to each service on theexternal SW, and is configured to be connected to the external SW toinput the configuration information.

In accordance with the invention according to claim 6, there is provideda network bandwidth control management method, in which a plurality ofservices are installed on a virtualization platform and a componentconstituting OpenStack connected to an open virtual switch (OVS) isincluded, the OVS being configured to perform policing of packets whenthe packets flowing from an external NW exceed an upper limit of abandwidth configured for each service, the network bandwidth controlmanagement method including: changing a configuration of bandwidthcontrol and priority control of an external SW in response to additionor deletion of the service of the virtualization platform based oninformation acquired from the component in an NW control managementdevice that controls NW control, and controlling a bandwidth amount ofthe packets flowing into the OVS in the external SW provided between thevirtualization platform and the external NW.

Thus, the congestion in the OVS on the virtualization platform can beeliminated, and the packets to be prioritized can be processed. It ispossible to prevent the packets that need to preferentially flow frombeing discarded at a time of high load.

In accordance with the invention according to claim 2, in the networksystem according to claim 1, the NW control management device isconfigured to generate configuration information for configuringinformation regarding an NW including a VLAN, an upper limit bandwidth,and priority which are related to the service on the external SW, basedon the acquired information, and the NW control management device isconfigure to be connected to the external SW, and to modify theconfiguration of the external SW according to the generatedconfiguration information.

Thus, the NW control management device can modify the configuration ofthe bandwidth control and the priority control in accordance with theexternal SW.

In accordance with the invention according to claim 4, in the networksystem according to claim 1, the NW control management device includes adata storage unit configured to identify a bandwidth amount that isprocessable by the OVS of the virtualization platform, and to store anupper limit of the bandwidth amount, the NW control management device isconfigured to collect information from a ceilometer provided on thevirtualization platform, to monitor an NW bandwidth amount of theexternal SW, and to acquire traffic information of each serviceperiodically, and the NW control management device is configured togenerate configuration information such that a bandwidth is secured fora service with high priority and an upper limit bandwidth is reduced fora service with low priority before each service does not exceed an upperlimit bandwidth configured for each service and an upper limit of athroughput of the OVS is exceeded.

Thus, the status of the NW usage of the virtualization platform ismonitored, and the bandwidth control can be automatically modified inresponse to the service available up to the bandwidth upper limit and anstatus of the NW availability of the virtualization platform.Accordingly, the NW of the virtualization platform can be effectivelyutilized. In particular, the packets can flow into the virtualizationplatform from the service with high priority in the external NW, and theservice interruption of the service with high priority can be avoided.

In accordance with the invention according to claim 5, the networksystem according to claim 4, the NW control management device isconfigured to identify a time, month, day, or day of the week when atraffic volume of each service is the greatest or is small, and the NWcontrol management device is configured to create configurationinformation to temporarily increase the upper limit bandwidth of theservice when the service tends to exceed the upper limit bandwidth andthere is room in the NW bandwidth of the entire virtualization platform.

Thus, the function of automatic modification of the bandwidth upperlimit of the bandwidth control of the virtualization platform and theexternal SW 20 temporarily is provided, and the NW of the virtualizationplatform can be effectively utilized.

Effects of the Invention

According to the present invention, it is possible to provide thenetwork system and the network bandwidth control management methodcapable of preventing the packets that need to preferentially flow at ahigh load from being discarded.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a diagram illustrating a configuration example of a networksystem according to an embodiment of the present invention.

FIG. 2 is a functional block diagram illustrating a detailedconfiguration of an NW control management device of the network systemaccording to the present embodiment.

FIG. 3A is a diagram illustrating an example of records of a DB thatstores a usage bandwidth amount at each date and time for each serviceof the network system according to the present embodiment.

FIG. 3B is a diagram illustrating an example of records of a DB thatstores information regarding NW control such as an ID, an IP address, aMAC address, a VLAN, and a bandwidth of each service of the networksystem according to the present embodiment.

FIG. 4 is a diagram illustrating an operational example of the networksystem according to the present embodiment in the case of serviceregistration.

FIG. 5 is a diagram illustrating an operational example 1 of the networksystem according to the present embodiment in operation.

FIG. 6 is a graph representing a traffic volume of daily trends of thenetwork system according to the present embodiment.

FIG. 7 is a diagram illustrating an operational example 2 of the networksystem according to the present embodiment in operation.

FIG. 8 is a graph representing a traffic volume of daily trends of thenetwork system according to the present embodiment.

FIG. 9 is a diagram illustrating an operational example 3 of the networksystem according to the present embodiment in operation.

FIG. 10 is a diagram illustrating an operational example 4 of thenetwork system according to the present embodiment in operation.

FIG. 11 is a diagram illustrating a pattern example 1 when OVSthroughput is equal to or greater than total traffic volume andpriorities are identical (all high or low) in the network systemaccording to the present embodiment.

FIG. 12 is a diagram illustrating a pattern example 2 when OVSthroughput is less than total traffic volume and priorities areidentical (all high or low) in the network system according to thepresent embodiment.

FIG. 13 is a diagram illustrating a pattern example 3 when OVSthroughput is equal to or greater than total traffic volume andpriorities are mixed in the network system according to the presentembodiment.

FIG. 14 is a diagram illustrating a pattern example 4 when OVSthroughput is less than total traffic volume and priorities are mixed inthe network system according to the present embodiment.

FIG. 15 is a diagram for describing network bandwidth control in avirtualization platform of the related art.

FIG. 16 is a diagram for describing network bandwidth control in thevirtualization platform of the related art.

DESCRIPTION OF EMBODIMENTS

Hereinafter, a network system and the like in a mode for implementingthe present invention (hereinafter referred to as the “embodiment of thepresent invention”) will be described with reference to the drawings.

Embodiment Configuration of Network System 100

FIG. 1 is a diagram illustrating a configuration example of a networksystem according to an embodiment of the present invention. FIG. 1illustrates an initial state of an example operation of the networksystem. The identical components as those in FIG. 15 are denoted by theidentical reference signs.

As illustrated in FIG. 1, the network system 100 includes a virtualmachine VM2 that provides, in a physical server, a service B providing aservice A, a virtual machine VM₃ that provides a service C, a virtualmachine VM4, and compute nodes 1 to 3, a network node 6, a controllernode 7, and an L2SW 4 that constitute OpenStack which has a plurality ofservices installed on a virtualization platform and is connected to anOVS 5.

The network system 100 includes an NW control management device 10 thatis configured to modify a configuration of bandwidth control andpriority control of an external SW 20 in response to addition ordeletion of the service of the virtualization platform based oninformation acquired from the compute nodes 1 to 3, the network node 6,and the controller node 7, and an external SW 20 that is providedbetween the virtualization platform and an external NW 20 and configuredto control the bandwidth amount of the packets flowing into the OVS 5.

The virtual machine VM₁ to the virtual machine VM₄ are connected to theexternal NW 8 via the network node 6.

The virtual servers VM₁ to VM4 are virtual information processingdevices that are realized by software. The virtual servers VM1 to VM₄are connected to the L2SW 4 via a virtual switch (not illustrated). TheL2SW 4 is hardware for switching communications of the virtual serversVM₁ to VM₄, which include their own virtual switch, in the physicalserver.

The OpenStack utilizes a node (physical or virtual servers) for eachrole. In FIG. 1, the OpenStack is divided into the compute nodes 1 to 3,the network node 6, and the controller node 7.

The compute nodes 1 to 3 perform the construction and control of thevirtualization platform. The compute node 1 is a node on which thevirtual machine VM₁ operates, the compute node 2 is a node on which thevirtual machine VM₂ and the virtual machine VM₃ operate, and the computenode 3 is a node on which the virtual machine VM₄ operates.

The network node 6 performs virtualization and management of thenetwork. The network node 6 is a server that provides network servicesfor instances such as IP transfer and DHCP. The network node 6 providesfunctions such as virtual router and DHCP by the compute nodes 1 to 3.The network node 6 includes the OVS 5.

In the OpenStack, an upper limit of the bandwidth can be configured foreach service. When the bandwidth exceeds the upper limit of thebandwidth, the OVS 5 discards the packet by policing on input.

The controller node 7 places, among the components, a component forcontrol of all the services of the management system. The controllernode 7 is a management server that processes requests from a user orother nodes and manages the entire OpenStack. The controller node 7 canconfigure an upper limit of the bandwidth of only the network node 6.

When the packet that flows from the external NW 20 exceeds the upperlimit of the bandwidth configured for each service, the OVS 5 performspolicing of the packet.

NW Control Management Device 10

The NW control management device 10 is configured to generate Configinformation (configuration information) for configuring informationregarding the NW including a virtual LAN (VLAN), an upper limitbandwidth, and priority which are related to the services for theexternal SW 20 based on the information acquired from the compute nodes1 to 3, the network node 6, and the controller node 7. In addition, theNW control management device 10 is configured to be connected to theexternal SW 20, and modifies the configuration of the external SW 20according to the generated Config information.

The NW control management device 10 includes a data management storageunit 114 (see FIG. 2) configured to identify the bandwidth amount thatis processable by the OVS 5 of the virtualization platform and to storean upper limit the bandwidth amount. The NW control management device 10is configured to collect information from a ceilometer provided on thevirtualization platform, to monitor the NW bandwidth amount of theexternal SW 20, and to acquire traffic information of each serviceperiodically. The NW control management device 10 is configured togenerate Config information such that the bandwidth is secured for aservice with high priority and the bandwidth is reduced for a servicewith low priority before each service does not exceed an upper limit ofthe bandwidth configured for each service and exceeds an upper limit ofthroughput of the OVS 5.

The NW control management device 10 is configured to identify the trendsof time, month, day, or day of the week when a traffic volume of eachservice is the greatest or is small, and to create the Configinformation that temporarily modifies the upper limit bandwidth of theservice when the service tends to exceed the upper limit bandwidth andthere is room in the NW bandwidth of the overall virtualizationplatform.

The NW control management device 10 is configured to monitor a usagesituation of the NW of the virtualization platform, and to modify thebandwidth upper limit of the bandwidth control of the virtualizationplatform and the external SW 20 temporarily in consideration of servicesavailable to the bandwidth upper limit and an available situation of theNW of the virtualization platform.

The NW control management device 10 has the following functions (1) to(3).

(1) The NW control management device 10 is configured to manage datainformation of each service managed by the controller node 7. The datainformation of each service includes, for example, the followinginformation.

-   -   VM_ID    -   VLAN_ID, MAC address (in case of L2)    -   IP address, subnet (in case of L3)    -   upper limit bandwidth

(2) The NW control management device 10 has a function of collectinginformation from the network node 6 by the ceilometer and the like, andhas a function of collecting and controlling NW information collected inthe external SW 20. The functions of collecting and controlling the NWinclude, for example, the following functions.

-   -   traffic volume of each service periodically collected    -   traffic volume of each current service    -   modify control of upper limit bandwidth corresponding to        bandwidth variation.

(3) The NW control management device 10 has a function of configuringthe external SW 20. The function of configuring the external SW 20includes, for example, the following functions.

-   -   generating the Config information of the external SW 20 based on        the configuration information of (1) in response to the addition        or removal of the service    -   generating the Config information for temporarily rewriting the        configuration information from the periodic traffic volume        of (2) and the current traffic volume in consideration of the        bandwidth variation    -   connecting to the external SW 20 and inputting the Config        information

External SW 20

The external SW 20 is provided between the virtualization platform andthe external NW 20 and is configured to control the bandwidth amount ofthe packet flowing into the OVS 5. The external SW 20 has reachabilityoperable by the NW control management device 10.

Detailed Configuration of NW Control Management Device 10

FIG. 2 is a functional block diagram illustrating a detailedconfiguration of the NW control management device 10.

As illustrated in FIG. 2, the NW control management device 10 includes adata management unit 110 configured to acquire information on the VMfrom the controller node 7 and to manage information regarding the NWcontrol including an ID, an IP address, a MAC address, a VLAN, and abandwidth of each service: an NW control unit 120 configured to collectinformation from the ceilometer provided on the virtualization platform,to monitor the NW bandwidth amount of the external SW 20, and to releaseor configure the bandwidth limitation corresponding to the usage amountof each VM when the upper limit of the bandwidth is not configured orwhen there is the available bandwidth; and an external SW configurationunit 130 that is configured to generate Config information forconfiguring the bandwidth amount to be allocated to each service on theexternal SW 20, and is configured to be connected to the external SW 20to input Config information.

Data Management Unit 110

The data management unit 110 is configured to manage the information onthe VM generated in a virtualization environment from the controllernode 7 of the OpenStack.

The data management unit 110 includes a data update check unit 111, adata reception unit 112, a data comparison and data update unit 113, andthe data management storage unit 114.

The data update check unit 111 is configured to check the controllernode 7 periodically for whether the VM information is updated.

The data reception unit 112 is configured to receive data acquired fromthe controller node 7.

The data comparison and data update unit 113 is configured to compareinformation on the received data with the data management information.When there is a modification, the information is transferred to theexternal SW 20 configuration, and data management is updated. The datamanagement storage unit 114 is configured to store a throughput value ofthe OVS 5. The data management storage unit 114 is configured to storethe usage bandwidth amount at each date and time for each service (seeFIG. 3A). The data management storage unit 114 is configured to storeinformation regarding the NW control such as the ID, the IP address, theMAC address, the VLAN, and the bandwidth of each service (see FIG. 3A).

NW Control Unit 120

The NW control unit 120 is configured to monitor the NW bandwidth amountof the ceilometer, the external SW 20 or the like, when the upper limitof the bandwidth is not configured or there is the available bandwidth.And the NW control unit 120 is configured to release or configure thebandwidth limitation corresponding to the usage of each VM.

The NW control unit 120 includes an NW usage situation check unit 121, asituation reception unit 122, an available bandwidth amount calculationunit 123, and a bandwidth amount comparison and allocatable bandwidthcalculation unit 124.

The NW usage situation check unit 121 is configured to check, to afunction of managing the NW bandwidth of the ceilometer, the external SW20 or the like, the usage situation of the NW bandwidth periodically.

The situation reception unit 122 is configured to receive a situationacquired from the function of managing the NW bandwidth of theceilometer or the like.

The available bandwidth amount calculation unit 123 is configured tocalculate the available bandwidth amount from the acquired usagebandwidth amount.

The bandwidth amount comparison and allocatable bandwidth calculationunit 124 is configured to compare the bandwidth information and theavailable bandwidth of the data management. The bandwidth amount to beallocated to each service is decided, the information is transferred tothe external SW 20, and the data management is updated.

External SW Configuration Unit 130

The external SW configuration unit 130 is configured to access theexternal SW 20, and to perform the config configuration based on thedata management information.

The external SW configuration unit 130 includes an external SWconfiguration information generation unit 131 and an external SWconnection and configuration unit 132.

The external SW configuration information generation unit 131 isconfigured to generate Config for configuring the allocated bandwidthamount for the external SW 20.

The external SW connection and configuration unit 132 is configured tobe connected to the external SW 20 to perform the Config input.

FIGS. 3A and 3B illustrate examples of information to be stored in adatabase (DB) by the data management storage unit 114. FIG. 3Aillustrates an example of records of the DB that stores the usagebandwidth amount at each date and time for each service, and FIG. 3Billustrates an example of records of the information regarding the NWcontrol such as the ID, the IP address, the MAC address, the VLAN, andthe bandwidth of each service.

As illustrated in FIG. 3A, the data management storage unit 114 isconfigured to store the usage bandwidth amount at each date and time foreach service in the DB.

As illustrated in FIG. 3B, the data management storage unit 114 isconfigured to store the ID, the IP address, the MAC address, the VLANID, the upper limit bandwidth, and the allocated bandwidth of eachservice in the DB.

Hereinafter, a network bandwidth control management method of thenetwork system having the aforementioned configuration will bedescribed.

Operational example of case of service registration FIG. 4 is a diagramillustrating an operational example in a case of service registration.

As illustrated in FIG. 4, the NW control management device 10 givespriority to the service and registers the service when the service isregistered on the virtualization platform. In the example of FIG. 4, thebandwidth upper limits are configured to 4 Gbps, 3 Gbps, and 2 Gbps fora service A (priority: high), a service B (priority: low), and a serviceC (priority: low), respectively. At this time, the NW control managementdevice 10 registers a service D (priority: high) (see, reference symbold of FIG. 4).

Specifically, the NW control management device 10 (see FIG. 2) executesthe following steps.

Step S1: Information Collection from Controller Node 7

The data update check unit 111 (see FIG. 2) of the data management unit110 checks the controller node 7 periodically for whether the VMinformation is not updated. The data reception unit 112 (see FIG. 2)receives the data acquired from the controller node 7 (see, referencesymbol e of FIG. 4).

Step S2: Storage of Information in DB

The data comparison and data update unit 113 (see FIG. 2) acquiresinformation on the service, which has been registered and managed in thecontroller node 7, in response to the registration of the service, andstores the acquired information and information on the priority in theDB of the data management storage unit 114 (see FIG. 2).

Step S3: Generation of Config Information

The data comparison and data update unit 113 refers to the DB of thedata management storage unit 114, and generates Config information forconfiguring the External SW 20 from the acquired data based on theinformation regarding the NW such as the VLAN, the upper limitbandwidth, and the priority which are related to the service in the NWcontrol management device 10. At this time, the data comparison and dataupdate unit 113 configures an output of the external SW 20 so as not toexceed the throughput of the OVS.

Step S4: Config Input

The external SW configuration information generation unit 131 (see FIG.2) of the external SW configuration unit 130 configures theconfiguration information of the external SW 20 based on the generatedConfig information.

Step S5: Configuration Modification

The external SW connection and configuration unit 132 (see FIG. 2) ofthe external SW configuration unit 130 is connected to the external SW20 to perform the Config input (see, reference symbol f of FIG. 4).

Step S6: Configuration Add

As illustrated in FIG. 4, the service D (priority: high) is configuredand added at a bandwidth upper limit of 1 Gbps.

Operational Example 1 in Operation

FIG. 5 is a diagram illustrating an operational example 1 in operation.

In the example of FIG. 5, the bandwidth upper limits are configured to 4Gbps, 3 Gbps, 2 Gbps, and 1 Gbps for a service A (priority: high), aservice B (priority: low), a service C (priority: low), and a service D(priority: high), respectively.

The NW control management device 10 (see FIG. 2) executes the followingsteps in operation.

Step S11: traffic information collection from ceilometer etc.

The NW usage situation check unit 121 (see FIG. 2) of the NW controlunit 120 periodically checks the function of managing the NW bandwidthby the ceilometer or the like for the usage situation of the NWbandwidth. The situation reception unit 122 receives a situationacquired from the function of managing the NW bandwidth by theceilometer or the like (see, reference symbol g of FIG. 5).

Step S12: Traffic Collection from External SW 20

The NW usage situation check unit 121 (see FIG. 2) of the NW controlunit 120 periodically checks the external SW 20 for the trafficinformation. The situation reception unit 122 receives the trafficinformation from the external SW 20 (see, reference symbol h of FIG. 5).

In this manner, the NW control unit 120 periodically acquires thetraffic information by using a function of acquiring the NW informationfrom the ceilometer or the like and the external SW 20 provided on thevirtualization platform. The NW control unit 120 identifies thebandwidth amount processable by the OVS of the virtualization platform,and has an upper limit thereof.

Step S13: Detection of OVS Over-Throughput and Generation of ConfigInformation

In a case where each service does not exceed the upper limit bandwidthconfigured for each service and the upper limit of the throughput of theOVS is exceeded, packet loss occurs. To avoid the packet loss, the NWcontrol management device 10 creates the Config information such thatthe bandwidth is secured for the service with high priority and thebandwidth is reduced for the service with low priority in considerationof the priority of each service before each service exceeds the upperlimit.

Specifically, the available bandwidth amount calculation unit 123 (seeFIG. 2) of the NW control unit 120 calculates the available bandwidthamount from the acquired usage bandwidth amount.

The bandwidth amount comparison and allocatable bandwidth calculationunit 124 (see FIG. 2) compares the bandwidth information of the datamanagement functional unit 114 with the aforementioned availablebandwidth amount, and decides the bandwidth amount to be allocated toeach service.

In the example of FIG. 5, the bandwidths are secured for the service Aand the service D with high priority (the bandwidth is not changed forthe service A at 4 Gbps and the service D at 1 Gbps), and the bandwidthsare reduced for the service B and the service C, both of which are oflow priority (the upper limit bandwidth is reduced to 1.7 Gbps from 3Gbps for the service B and is reduced to 1.3 Gbps from 2 Gbps for theservice C).

Step S14: Configuration Modification

The bandwidth amount comparison and allocatable bandwidth calculationunit 124 of the NW control unit 120 transfers the configurationinformation to the external SW 20 (see, reference symbol i of FIG. 5),and updates the DB of the data management storage unit 114.

The external SW configuration information generation unit 131 (see FIG.2) of the external SW configuration unit 130 configures theconfiguration information of the external SW 20 based on the generatedConfig information.

The external SW connection and configuration unit 132 (see FIG. 2) ofthe external SW configuration unit 130 is connected to the external SW20 to perform the Config input.

With the aforementioned operations, the services are controlled suchthat the upper limit bandwidths of the services with high priority aremaintained and the upper limit bandwidths of the services with lowpriority are reduced as illustrated in FIG. 5.

In the external NW 8, the packet flows into the virtualization platformin descending order of services with high priority, and thus, serviceinterruption of the services with high priority can be avoided.

Operational Example 2 in Operation

FIG. 6 is a graph representing the traffic volume of daily trends. Thetrends of the traffic volume in a time zone from 0:00 to 24:00 arerepresented on a horizontal axis, and the bandwidths used for theservices are illustrated stacked on a vertical axis. The hatchingpattern for each stack in the figures corresponds to the legend of eachservice in FIGS. 4 and 5.

As represented in FIG. 6, it is assumed that a throughput limit of theOVS 5 is 8 Gbps. In the daily trends represented in FIG. 6, thethroughput of the OVS 5 does not exceed the limit even in any time zonefrom 0:00 to 24:00. In the case of the time zone indicated by a dashedoval box (from 18:00 to 21:00) of FIG. 6, there is an availablebandwidth of about 3 Gbps with respect to 8 Gbps which is the throughputlimit of the OVS 5. Thus, the upper limit bandwidth of the service D(priority: high, 1 Gbps) indicated by an arrow j of FIG. 6 can beincreased to 3 Gbps temporarily. In this manner, the improved servicecan be provided to the service D with high priority.

FIG. 7 is a diagram illustrating the operational example 2 in operation.This operation example is an example in which the traffic volume of thetrends of FIG. 6 is identified and the identified traffic volume isapplied to the operation.

In the example of FIG. 7, the bandwidth upper limits are configured to 4Gbps, 3 Gbps, 2 Gbps, and 1 Gbps for a service A (priority: high), aservice B (priority: low), a service C (priority: low), and a service D(priority: high) as in FIG. 6, respectively.

Step S21: Traffic Information Collection from Ceilometer Etc.

The NW usage situation check unit 121 (see FIG. 2) of the NW controlunit 120 periodically checks the function of managing the NW bandwidthby the ceilometer or the like for the usage situation of the NWbandwidth. The situation reception unit 122 receives the situationacquired from the function of managing the NW bandwidth by theceilometer or the like (see, reference symbol k of FIG. 7).

Step S22: Traffic Collection from External SW 20

The NW usage situation check unit 121 (see FIG. 2) of the NW controlunit 120 periodically checks the external SW 20 for the trafficinformation. The situation reception unit 122 receives the trafficinformation from the external SW 20 (see, reference symbol l of FIG. 7).

In this manner, the NW control unit 120 periodically acquires thetraffic information by using a function of acquiring the NW informationfrom the ceilometer or the like and the external SW 20 provided on thevirtualization platform. The NW control unit 120 identifies thebandwidth amount processable by the OVS of the virtualization platform,and has an upper limit thereof.

Step S23: Detection that there is Room in NW and Generation of ConfigInformation

When there is room in the NW bandwidth of the entire virtualizationplatform as in the time zone indicated by the dashed oval box (from18:00 to 21:00) of FIG. 6, the Config information for temporarilychanging the upper limit bandwidth of the service D (priority: high)from 1 Gbps to 3 Gbps is created.

The NW control management device 10 is connected to the external SW 20to modify the configuration of the external SW 20 according to thecreated Config information.

Step S24: Configuration Modification

The bandwidth amount comparison and allocatable bandwidth calculationunit 124 of the NW control unit 120 transfers the configurationinformation to the external SW 20 (see, reference symbol m of FIG. 7),and updates the information of the data management storage unit 114. Theexternal SW configuration information generation unit 131 (see FIG. 2)of the external SW configuration unit 130 configures the configurationinformation of the external SW 20 based on the generated Configinformation.

With the aforementioned operations, in a case where there is room in theNW of the virtualization platform, the bandwidth is temporarilyallocated to the service of which the bandwidth exceeds the upper limitbandwidth, and thus, the NW is effectively utilized.

Operational Example 3 in Operation

FIG. 8 is a graph representing the traffic volume of the identical dailytrends as those of FIG. 6. The trends of the traffic volume in a timezone from 0:00 to 24:00 are represented on a horizontal axis, and thebandwidths used for the services are illustrated stacked on a verticalaxis. In the time zone indicated by a dashed oval box (from 21:00 to24:00) of FIG. 8, the available bandwidth of about 3 Gbps present in thetime zone (from 18:00 to 21:00) tends to decrease. Thus, as indicated byan arrow n of FIG. 8, control for restoring the upper limit bandwidth ofthe service D (priority: high, 1 Gbps) that has been increasedtemporarily to the original upper limit bandwidth is performed.

FIG. 9 is a diagram illustrating the operational example 3 in operation.This operational example is an example in which the traffic volume ofthe trends of FIG. 8 is identified and the upper limit bandwidth of theservice that has been increased temporarily is restored to the originalupper limit bandwidth.

In the example of FIG. 9, the service D (priority: high) has beenconfigured to 3 Gbps temporarily.

Step S31: Traffic Information Collection by Ceilometer Etc.

The NW usage situation check unit 121 (see FIG. 2) of the NW controlunit 120 periodically checks, to the function of managing the NWbandwidth by the ceilometer or the like, the usage situation of the NWbandwidth. The situation reception unit 122 receives a situationobtained from a function managing the NW bandwidth by a ceilometer orthe like (see reference sign o in FIG. 9).

Step S32: Traffic Collection from External SW 20

The NW usage situation check unit 121 (see FIG. 2) of the NW controlunit 120 periodically checks the external SW 20 for the trafficinformation. The situation reception unit 122 receives the trafficinformation from the external SW 20 (see, reference symbol p of FIG. 9).

Step S33: Detection that there is No Room in NW and Generation of ConfigInformation

When the available bandwidth of the NW bandwidth of the entirevirtualization platform tends to decrease as in the time zone indicatedby the dashed oval box (from 21:00 to 24:00) of FIG. 8, the Configinformation for changing the upper limit bandwidth of the service D(priority: high) that has been increased temporarily from 3 Gbps to 3Gbps, which is the original upper limit bandwidth, is created.

The NW control management device 10 is connected to the external SW 20to modify the configuration of the external SW 20 according to thecreated Config information.

Step S34: Configuration Modification

The bandwidth amount comparison and allocatable bandwidth calculationunit 124 of the NW control unit 120 transfers the configurationinformation to the external SW 20 (see, reference symbol q of FIG. 9),and updates the information of the data management storage unit 114.

The external SW configuration information generation unit 131 (see FIG.2) of the external SW configuration unit 130 configures theconfiguration information of the external SW 20 based on the generatedConfig information.

With the aforementioned operations, the upper limit bandwidth that hasbeen allocated temporarily to the service, of which the bandwidthexceeds the upper limit bandwidth when there has been room in the NW ofthe virtualization platform, is restored to the original upper limitbandwidth, and thus, the upper limit bandwidth can be reliablymaintained within the throughput limit of the OVS 5. Even though thetemporal upper limit bandwidth has been allocated temporarily to theservice of which the bandwidth exceeds the upper limit bandwidth, thethroughput can be maintained within the throughput limit of the OVS 5,and thus, the NW of the virtualization platform can be effectivelyutilized.

Operational Example 4 in Operation

FIG. 10 is a diagram illustrating an operational example 4 in operation,and illustrates an example of a case of service deletion.

In the example of FIG. 10, the bandwidth upper limits are configured to4 Gbps, 3 Gbps, 2 Gbps, and 1 Gbps for a service A (priority: high), aservice B (priority: low), a service C (priority: low), and a service D(priority: high), respectively. At this time, an example in which theservice C (priority: low) is deleted is illustrated (see, referencesymbol r of FIG. 10).

Step S41: Traffic Information Collection by Ceilometer Etc.

The NW usage situation check unit 121 (see FIG. 2) of the NW controlunit 120 periodically checks the function of managing the NW bandwidthby the ceilometer or the like for the usage situation of the NWbandwidth. The situation reception unit 122 receives the situationacquired from the function of managing the NW bandwidth by theceilometer or the like (see, reference symbol s of FIG. 9).

The NW usage situation check unit 121 identifies the information on theservice deleted from the controller in response to the deletion of theservice from the NW of the virtualization platform.

Step S42: Traffic Collection from External SW 20

The NW usage situation check unit 121 (see FIG. 2) of the NW controlunit 120 periodically checks the external SW 20 for the trafficinformation. The situation reception unit 122 receives the trafficinformation from the external SW 20 (see, reference symbol t of FIG. 9).

Step S43: Identification of Deleted Service and Generation of ConfigInformation

The NW usage situation check unit 121 identifies the information on theservice deleted from the controller in response to the deletion of theservice from the NW of the virtualization platform.

The NW control unit 120 (see FIG. 2) generates Config information fordeleting the information regarding the NW such as a VLAN related to thedeleted service.

Step S44: Configuration Modification

The bandwidth amount comparison and allocatable bandwidth calculationunit 124 of the NW control unit 120 transfers the configurationinformation to the external SW 20 (see, reference symbol u of FIG. 9),and updates the information of the data management storage unit 114.

The external SW configuration information generation unit 131 (see FIG.2) of the external SW configuration unit 130 configures theconfiguration information of the external SW 20 based on the generatedConfig information.

Step S45: Deletion from DB

The data management unit 110 (see FIG. 2) deletes the information on thedeleted service from the DB of the data management storage unit 114.

Example of Assumed Pattern of Bandwidth Control

An example of a possible pattern of the bandwidth control will bedescribed with reference to FIGS. 11 to 14.

Pattern Example 1

FIG. 11 is an example of a case where OVS throughput is equal to orgreater than the total traffic volume and the priorities are identical(all high or low).

In the example of FIG. 11, all priorities are identical for a service A(priority: low), a service B (priority: low), a service C (priority:low), and a service D (priority: low), and are “low”. It is assumed thatthe throughput limit of the OVS 5 is 9 Gbps and the total traffic volumeis 8 Gbps. When OVS throughput is equal to or greater than the totaltraffic volume and priorities are identical (all low), 8 Gbps which isthe total upper limit inflow amount falls within 9 Gbps which is thethroughput limit of the OVS 5, and there is no need for bandwidthchange. When there is room in the NW bandwidth, it is also possible toequally increase the upper limit.

When OVS throughput is equal to or greater than the total traffic volumeand priorities are identical (all high), 8 Gbps which is the total upperlimit inflow amount falls within 9 Gbps which is the throughput limit ofthe OVS 5. There is room of 1 Gbps up to 9 Gbps which is the throughputlimit of the OVS 5, but the order of the priorities are not given due tothe identical priorities (all high). When there is room in the NWbandwidth, it is also possible to equally increase the upper limit.

Pattern Example 2

FIG. 12 is an example of a case where OVS throughput is less than thetotal traffic volume and priorities are identical (all high or low).

In the example of FIG. 12, all priorities are identical for a service A(priority: high), a service B (priority: high), a service C (priority:high), and a service D (priority: high), and are “high”. The throughputlimit of the OVS 5 is 9 Gbps, and the total upper limit inflow amount is10 Gbps. The total upper limit inflow amount exceeds 1 Gbps with respectto 9 Gbps which is the throughput of the OVS 5, but the priorities ofthe services are identical. In this case, the NW control unit 120 (seeFIG. 2) obtains total traffic volume/OVS throughput x upper limitbandwidth of each service.

In the example of FIG. 12, the bandwidth upper limits are configured to4 Gbps, 3 Gbps, 2 Gbps, and 1 Gbps for the service A (priority: high),the service B (priority: high), the service C (priority: high), and theservice D (priority: high), respectively. However, each bandwidth upperlimit configuration is equally reduced by 10%, and the bandwidth upperlimits are configured to 3.6 Gbps, 2.7 Gbps, 1.8 Gbps, and 0.9 Gbps,respectively (see, reference symbol w of FIG. 12). Accordingly, 10% ofpackets are equally discarded or delayed.

The following pattern example 3 and pattern example 4 are examples inwhich the priorities of the services are not identical.

Pattern Example 3

FIG. 13 is an example of a case where OVS throughput is equal to orgreater than the total traffic volume and priorities are mixed.

In the example of FIG. 13, there are a service A (priority: high), aservice B (priority: low), a service C (priority: low), and a service D(priority: high). The throughput limit of the OVS 5 is 9 Gbps, and thetotal traffic volume is 8 Gbps.

As illustrated in FIG. 13, when OVS throughput is equal to or greaterthan the total traffic volume and priorities are mixed, 8 Gbps which isthe total traffic volume falls within 9 Gbps which is the throughputlimit of the OVS 5, and thus, there is no bandwidth change (see,reference symbol x of FIG. 13).

In this manner, when OVS throughput is equal to or greater than thetotal traffic volume and priorities are mixed, there is no bandwidthchange, and these upper limit bandwidths are used as the upper limitbandwidth of the services.

Pattern Example 4

FIG. 14 is an example of a case where OVS throughput is less than thetotal traffic volume and priorities are mixed.

In the example of FIG. 14, there are a service A (priority: high), aservice B (priority: low), a service C (priority: low), and a service D(priority: high). The throughput limit of the OVS 5 is 9 Gbps, and thetotal traffic volume is 10 Gbps.

When OVS throughput is less than the total traffic volume and prioritiesare mixed, the bandwidth upper limit configuration is not reduced forthe service with high priority, and the bandwidth upper limitconfiguration is reduced for the service with low priority. In thiscase, the bandwidth is not modified for the service with high priority,and the bandwidth obtained by (total inflow amount of “low”)/(remainingOVS throughput)×(upper limit bandwidth of each service) is used for theservice with low priority.

In the example of FIG. 14, the bandwidth upper limits are configured to4 Gbps, 3 Gbps, 2 Gbps, and 1 Gbps for the service A (priority: high),the service B (priority: low), the service C (priority: low), and theservice D (priority: high). The bandwidth is not modified for theservice with high priority, and the bandwidth upper limit is reduced forthe service with low priority as will be described below.

The bandwidth allocatable to the service with priority “low” is9−(4+1)=4 Gbps obtained by subtracting the bandwidths of the serviceswith priority “high” from 9 Gbps which is the throughput of the OVS 5.Thus, the NW control unit 120 (see FIG. 2) equally reduces 3 Gbps and 2Gbps which are the bandwidth upper limit configuration of the service B(priority: low) and the service C (priority: low) by 20%, and configures2.4 Gbps and 1.6 Gbps as the bandwidth upper limit configurations,respectively (see, reference symbol y of FIG. 14). Accordingly, 20% ofpackets are equally discarded or delayed for the bandwidth allocatableto the service with priority “low”.

As described above, the network system 100 includes the external SW 20that is provided between the virtualization platform and the external NW20 and configured to control a bandwidth amount of packets flowing intothe OVS 5, and the NW control management device 10 that is configured tomodify a configuration of bandwidth control and priority control of theexternal SW 20 in response to addition or deletion of the service of thevirtualization platform based on information acquired from the computenodes 1 to 3, the network node 6, and the controller node 7.

The NW control management device 10 includes the data management unit110 configured to acquire information on the VM from the controller node7 and to manage information regarding the NW control including an ID, anIP address, a MAC address, a VLAN, and a bandwidth of each service: theNW control unit 120 configured to collect information from theceilometer provided on the virtualization platform, to monitor the NWbandwidth amount of the external SW 20, and to release or configure thebandwidth limitation corresponding to the usage amount of each VM whenthe upper limit of the bandwidth is not configured or when there is theavailable bandwidth; and the external SW configuration unit 130 that isconfigured to generate Config information for configuring the bandwidthamount to be allocated to each service on the external SW 20, and isconfigured to be connected to the external SW 20 to input Configinformation.

In the NW control management device 10, modifying the configuration ofthe bandwidth control and the priority control of the external SW 20 inresponse to the addition or deletion of the service of thevirtualization platform based on the information acquired from thecompute nodes 1 to 3, the network node 6, and the controller node 7 isexecuted. In the external SW 20, controlling the bandwidth amount of thepackets flowing into the OVS 5 is executed.

In the related art (see FIGS. 15 and 16), in particular, when a largenumber of packets flow from the external SW 20, from the perspective ofthe entire virtualization platform, packets of the individual service,for which the bandwidth does not exceed, flow into the OVS 5, increasinga processing load of the OVS 5, and creating a congestion. That is, thepacket loss occurs even though each service is equal to or less than theconfigured upper limit of the bandwidth. The packets are discarded evenif the packets that needs to be prioritized flow form the external NW.This causes delay due to communication interruption or packetretransmission of the service installed on the virtualization platformoccurs. Even with a service with high priority such as phone calls, thepacket may be discarded, and thus, the service may not be established.

In contrast, in the present embodiment, the configuration of thebandwidth control and the priority control of the external SW 20 inresponse to the addition or deletion of the service of thevirtualization platform is modified by using the ID information and theMAC address information or the VLAN information and the IP addressinformation of the VM within the controller node 7 of the virtualizationplatform. Accordingly, the congestion in the OVS 5 on the virtualizationplatform can be eliminated, and the packet to be prioritized can beprocessed. It is possible to prevent packets that need to preferentiallyflow from being discarded at a time of high load.

The usage bandwidth is modified depending on the usage situation of theNW of the virtualization platform, and thus, the NW can be effectivelyutilized.

In the present embodiment, the bandwidth control is automaticallyconfigured. That is, in the related art, an operator needs to design thebandwidth in consideration of the bandwidth of the full service (VM) ina method of manually configuring the bandwidth control by the operator.The design needs to be reviewed and reconfigured whenever the service isadded or deleted. In contrast, in the present embodiment, the usagebandwidth can be automatically modified while eliminating design reviewsby the operator, and thus, the NW can be effectively utilized.

In the present embodiment, the NW control management device 10 isconfigured to generate the Config information for configuring theinformation regarding the NW including the VLAN, the upper limitbandwidth, and the priority which are related to the service, on theexternal SW 20 based on the acquired information, and the NW controlmanagement device 10 is configured to be connected to the external SW20, and to modify the configuration of the external SW 20 according tothe created Config information. Accordingly, the NW control managementdevice 10 can modify the configuration of the bandwidth control and thepriority control in accordance with the external SW 20.

In the present embodiment, the NW control management device 10 includesthe data storage unit 114 that is configured to identify the bandwidthamount processable by the OVS 5 of the virtualization platform and tostore the upper limit thereof. Furthermore, the NW control managementdevice 10 is configured to collect the information from the ceilometerprovided on the virtualization platform, to monitor the NW bandwidth ofthe external SW 20, and to acquire the traffic information of eachservice periodically. The NW control management device 10 is configuredto generate the Config information such that the bandwidth is securedfor the service with high priority and the bandwidth is reduced for theservice with low priority before each service does not exceed the upperlimit bandwidth configured for each service and the upper limit of thethroughput of the OVS 5 is exceeded. Thus, the status of the NW usage ofthe virtualization platform is monitored, and the bandwidth control canbe automatically modified in response to the service available up to thebandwidth upper limit and an status of the NW availability of thevirtualization platform. Accordingly, the NW of the virtualizationplatform can be effectively utilized. In particular, in the external NW8, the packet flows into the virtualization platform in descending orderof services with high priority, and thus, service interruption of theservices with high priority can be avoided.

In the present embodiment, the NW control management device 10 isconfigured to identify the trends of time, month, day, or day of theweek when a traffic volume of each service is the greatest or is small,and to create the Config information that temporarily modifies the upperlimit bandwidth of the service when the service tends to exceed theupper limit bandwidth and there is room in the NW bandwidth of theoverall virtualization platform. Thus, the function of automaticmodification of the bandwidth upper limit of the bandwidth control ofthe virtualization platform and the external SW 20 temporarily isprovided, and the NW of the virtualization platform can be effectivelyutilized.

In addition, among processes described in the embodiment, all or someprocesses described as being performed automatically can be manuallyperformed, or all or some processes described as being performedmanually can be performed automatically by the well-known method. Inaddition, information including the processing procedures, the controlprocedures, the specific names, and the various types of data, andvarious parameters described in the aforementioned document and drawingscan be modified as desired except in the case specifically noted.

Each component of each apparatus illustrated is a functional concept,and does not necessarily need to be physically configured asillustrated. That is, the specific form of distribution and integrationof the apparatus is not limited to the illustrated form, and theentirety or a portion of the form can be configured by beingfunctionally or physically distributed and integrated in any unit,depending on various loads, usage conditions, and the like.

Some or all of the configurations, the functions, the processing units,the processing mechanisms, and the like may be realized in hardware bybeing designed, for example, in an integrated circuit. Each of theconfigurations, the functions, and the like may be realized in softwarefor a processor to interpret and execute a program that implements thefunctions. Information such as programs, tables, files, and the like,which are for implementing the functions can be held in a recordingdevice such as a memory, a hard disk, and a Solid State Drive (SSD), ora recording medium such as an Integrated Circuit (IC) card, a SecureDigital (SD) card, and an optical disk. In the present specification,the processes describing the time sequential processes include parallelor individually performed processes (for example, parallel processing orobject processing) without necessarily being processed sequentially, inaddition to processing performed sequentially in described order.

REFERENCE SIGNS LIST

-   1 to 3: compute node-   4: L2 switch L2SW (L2SW)-   5: OVS-   6: Network node-   7: Controller node-   10: NW control management device-   20: External SW-   100: Network system-   110: Data management unit-   111: Data update check unit-   112: Data reception unit-   113: Data comparison and data update unit-   114: Data management storage unit-   120: NW control unit-   121: NW usage situation check unit-   122: Situation reception unit-   123: Available bandwidth amount calculation unit-   124: Bandwidth amount comparison and allocatable bandwidth    calculation unit-   130: External SW configuration unit-   131: External SW configuration information generation unit-   132: External SW connection and configuration unit-   VM₁ to VM₄: Virtual machine

1. A network system, in which a plurality of services are installed on avirtualization platform and a component constituting OpenStack connectedto an open virtual switch (OVS) is included, the OVS being configured todiscard packets when the packets flowing from an external network (NW)exceed an upper limit of a bandwidth configured for each service, thenetwork system comprising: an external switch (SW) that is providedbetween the virtualization platform and the external NW and configuredto control a bandwidth amount of packets flowing to the OVS; and an NWcontrol management device configured to modify a configuration ofbandwidth control and priority control of the external SW in response toaddition or deletion of the service of the virtualization platform basedon information acquired from the component.
 2. The network systemaccording to claim 1, wherein the NW control management device isconfigured to generate configuration information for configuringinformation regarding an NW including a virtual LAN (VLAN), an upperlimit bandwidth, and priority which are related to the service on theexternal SW, based on the acquired information, and the NW controlmanagement device is configured to be connected to the external SW, andto modify the configuration of the external SW according to thegenerated configuration information.
 3. The network system according toclaim 1, wherein the NW control management device includes: a datamanagement unit including one or more processors, configured to acquireinformation on a virtual machine (VM) from a controller nodeconstituting the component, and manage information regarding NW controlincluding an ID, an IP address, a MAC address, a VLAN, and a bandwidthof each service; an NW control unit including one or more processors,configured to collect information from a ceilometer provided on thevirtualization platform, to monitor an NW bandwidth amount of theexternal SW, and to release or configure a bandwidth limit correspondingto a usage amount of each VM when the upper limit of the bandwidth isnot configured or when there is an available bandwidth; and an externalSW configuration unit, including one or more processors, that isconfigured to generate configuration information for configuring abandwidth amount to be allocated to each service on the external SW, andis configured to be connected to the external SW to input theconfiguration information.
 4. The network system according to claim 1,wherein the NW control management device includes a data storage mediumconfigured to identify a bandwidth amount that is processable by the OVSof the virtualization platform, and to store an upper limit of thebandwidth amount, the NW control management device is configured tocollect information from a ceilometer provided on the virtualizationplatform, to monitor an NW bandwidth amount of the external SW, and toacquire traffic information of each service periodically, and the NWcontrol management device is configured to generate configurationinformation such that a bandwidth is secured for a service with highpriority and an upper limit bandwidth is reduced for a service with lowpriority before each service does not exceed an upper limit bandwidthconfigured for each service and an upper limit of a throughput of theOVS is exceeded.
 5. The network system according to claim 4, wherein theNW control management device is configured to identify a time, month,day, or day of a week when a traffic volume of each service is thegreatest or is small, and the NW control management device is configuredto create configuration information to temporarily increase the upperlimit bandwidth of the service when the service tends to exceed theupper limit bandwidth and there is room in the NW bandwidth of theentire virtualization platform.
 6. A network bandwidth controlmanagement method, in which a plurality of services are installed on avirtualization platform and a component constituting OpenStack connectedto an open virtual switch (OVS) is included, the OVS being configured toperform policing of packets when the packets flowing from an external NWexceed an upper limit of a bandwidth configured for each service, thenetwork bandwidth control management method comprising: changing aconfiguration of bandwidth control and priority control of an externalSW in response to addition or deletion of the service of thevirtualization platform based on information acquired from the componentin an NW control management device that controls NW control, andcontrolling a bandwidth amount of the packets flowing into the OVS inthe external SW provided between the virtualization platform and theexternal NW.
 7. The network bandwidth control management methodaccording to claim 6, wherein the NW control management device isconfigured to generate configuration information for configuringinformation regarding an NW including a virtual LAN (VLAN), an upperlimit bandwidth, and priority which are related to the service on theexternal SW, based on the acquired information, and the NW controlmanagement device is configured to be connected to the external SW, andto modify the configuration of the external SW according to thegenerated configuration information.
 8. The network bandwidth controlmanagement method according to claim 6, wherein the NW controlmanagement device includes: a data management unit, including one ormore processors, configured to acquire information on a virtual machine(VM) from a controller node constituting the component, and manageinformation regarding NW control including an ID, an IP address, a MACaddress, a VLAN, and a bandwidth of each service; an NW control unit,including one or more processors, configured to collect information froma ceilometer provided on the virtualization platform, to monitor an NWbandwidth amount of the external SW, and to release or configure abandwidth limit corresponding to a usage amount of each VM when theupper limit of the bandwidth is not configured or when there is anavailable bandwidth; and an external SW configuration unit, includingone or more processors, that is configured to generate configurationinformation for configuring a bandwidth amount to be allocated to eachservice on the external SW, and is configured to be connected to theexternal SW to input the configuration information.
 9. The networkbandwidth control management method according to claim 6, wherein the NWcontrol management device includes a data storage medium configured toidentify a bandwidth amount that is processable by the OVS of thevirtualization platform, and to store an upper limit of the bandwidthamount, the NW control management device is configured to collectinformation from a ceilometer provided on the virtualization platform,to monitor an NW bandwidth amount of the external SW, and to acquiretraffic information of each service periodically, and the NW controlmanagement device is configured to generate configuration informationsuch that a bandwidth is secured for a service with high priority and anupper limit bandwidth is reduced for a service with low priority beforeeach service does not exceed an upper limit bandwidth configured foreach service and an upper limit of a throughput of the OVS is exceeded.10. The network bandwidth control management method according to claim9, wherein the NW control management device is configured to identify atime, month, day, or day of a week when a traffic volume of each serviceis the greatest or is small, and the NW control management device isconfigured to create configuration information to temporarily increasethe upper limit bandwidth of the service when the service tends toexceed the upper limit bandwidth and there is room in the NW bandwidthof the entire virtualization platform.